Can't update syncthing via apt anymore


since today I have an error during “apt update” on an ubuntu 20.04 system. I saw some new instructions on and followed them. However, this error remains: Fehl:15 syncthing Release Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake:

I got the newest gpg file, just moments ago, so I guess the file is out-of-date…

1 Like

The letsencrypt intermediary certificates expired, and our Caddy is not renewing them. I’m looking into it.


The certificates look correct to me now, but there are apparently issues with openssl compatibility on some hosts, and possible outdated local certificate stores.

1 Like

To connect to LE-certified sites from clients with old openssl 1.0 (example: apt/wget in debian 8/debian 9) you need to remove expired certificate from your machine.

#dpkg-reconfigure ca-certificates

Then “Yes”. Deselect “mozilla/DST_Root_CA_X3.crt”! “Ok”.

This did the trick. Thanks…


I have the same problem, how did you 'Deselect’mozilla/DST_Root_CA_X3.crt ?

This is what I see:

[*] mozilla/DST_Root_CA_X3.crt



Depends on your terminal, but usually you select the item with arrow keys and then press space to deselect it. Confirm your selection with enter.

Space must about the only thing I didn’t try…Thanks

1 Like

I tried the solution suggested above, with no effect.

This worked for me: sudo apt-key adv --keyserver --recv-keys D26E6ED000654A3E

Apt update no longer complains.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.